feat: add session expiration tracking and validation

feat: implement Redis caching for terminated sessions
feat: add new session GUID queries for validation
refactor: extend Session model with last_refresh_exp_time
refactor: update token generation to include role and session
refactor: modify auth middleware to validate session status
refactor: replace GetUserSessions with GetValidUserSessions
chore: add uuid/v5 dependency
fix: update router to pass dependencies to auth middleware
chore: update SQL schema and queries for new expiration field

sqlc/query.sql

@@ -238,13 +238,26 @@ SET
   platform = COALESCE($3, platform),
   latest_ip = COALESCE($4, latest_ip),
   login_time = COALESCE($5, login_time),
-  last_seen_date = COALESCE($6, last_seen_date),
-  terminated = COALESCE($7, terminated)
+  last_refresh_exp_time = COALESCE($6, last_refresh_exp_time),
+  last_seen_date = COALESCE($7, last_seen_date),
+  terminated = COALESCE($8, terminated)
 WHERE id = $1;
 
-;-- name: GetUserSessions :many
+;-- name: GetSessionByGuid :one
 SELECT * FROM sessions
-WHERE user_id = $1 AND terminated IS FALSE;
+WHERE guid = (@guid::text)::uuid;
+
+;-- name: GetValidUserSessions :many
+SELECT * FROM sessions
+WHERE 
+  user_id = $1 AND terminated IS FALSE AND
+  last_refresh_exp_time > CURRENT_TIMESTAMP;
+
+;-- name: GetUnexpiredTerminatedSessionsGuids :many
+SELECT guid FROM sessions
+WHERE 
+  terminated IS TRUE AND
+  last_refresh_exp_time > CURRENT_TIMESTAMP;
 
 ;-- name: TerminateAllSessionsForUserByUsername :exec
 UPDATE sessions

sqlc/schema.sql

@@ -66,6 +66,7 @@ CREATE TABLE IF NOT EXISTS "sessions" (
   platform VARCHAR(32),
   latest_ip VARCHAR(16),
   login_time TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  last_refresh_exp_time TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP + INTERVAL '10080 seconds',
   last_seen_date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
   terminated BOOLEAN DEFAULT FALSE
 );